Open Stack

Hi Ogawa san and Tacker team,

This mailer is regarding the SRBAC implementation happening in Tacker.

In the Tacker release 2023.1 virtual PTG [1], it was decided by the Tacker
community to partially implement the project personas (project-reader role)
in the current release. And in upcoming releases, we will implement the
remaining project-member role.

To address the above requirement, I have prepared a specification [2] and
pushed the same in Gerrit for community review.

Ghanshyam san reviewed the specification and shared TC's opinion and
suggestion to implement both the project-reader and project-member roles.
The complete persona implementation will depreciate the 'owner' rule,
and help in restricting any other role to accessing project-based resources.
Additionally, intact legacy admin (current admin), works in the same way so
that we do not break things and introduce the project personas which should
be additional things to be available for operators to adopt.

Current Status: Incorporated the new requirement and uploaded a new patch
set to address the review comment.

Note: The Tacker spec freeze date is 28th Dec 2022, there might be some
delay in merging the specification in shared timelines.

[1] https://etherpad.opendev.org/p/tacker-antelope-ptg#L186
[2] https://review.opendev.org/c/openstack/tacker-specs/+/866956

Thanks & Regards,
Manpreet Kaur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20221226/3882d2f2/attachment.htm>